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vl . An enforcement architecture for digital rights management, wherein 
the architecture Enforces rights in protected digital content, the architecture comprising: 

a content server for distributing the digital content; 
a license server for issuing at least one digital license corresponding 
to and separate from £he digital content; and 

aVomputing device for receiving the distributed digital content and 
for receiving and storing a^iy digital license corresponding to the digital content, the 
computing device having: 

rendering application for rendering the digital content; and 
aiJigitalJtights Management (DRM) system for being 
invoked by the rendering application upop such rendering application attempting to render 



the digital content, the DRM $ 
content in the manner sought < 
device and corresponding to tin 

2. The arc! 
communicatively coupled to a 



ring whether a right to render the digital 
:ists onViy digital license stored in the computing 
ffitalVonten? 

itepture of cWn 1, wherein the content server is 

[ork and distributes the digital content over the network. 



3. The architecf&re of claim A wherein the content server is 
25 communicatively coupled to the Internet and distributes the digital content over the 
Internet. 



4. The architecture of claim 1, wherein the license server is 
communicatively coupled to a network and issues the at l\ast one digital license over the 
30 network. 
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5. The architecture of claim 4, wherein the license server is 
communicatively coupled to the Internet and issue/ the at least one digital license over the 
Internet. 

6. The architecture of clairfi 1 , wherein the content server is 
communicatively coupled to a portable mediiAn writer and distributes the digital content 
on a portable medium written by the portable medium writer, the portable medium selected 
from the group consisting of an optical storage medium and a magnetic storage medium. 

7. The architecture of cjaim 1 , wherein the content server distributes 
the digital content in an encrypted form. 



15 



20 



8. The architecture of/claim 7 v wherein each digital license 
corresponding to the digital content iftcl^aes: 

a decryption l^ejf decrypts the encrypted digital content; and 
a description 6f$e fcjghts conferred by the license, wherein the 
encrypted digital content cannot belledirypted and rendered without obtaining such license 
from the license server, 



The architecture of 



corresponding to the digital content 
license to the encrypted digital content. 



;laim 8, wherein each digital license 



er includes a digital signature that binds the 



25 



30 



10. The architecture of claim 1, wherein if the DRM system determines 
that the right to render the digital/content in the manner sought does not exist based on any 
digital license stored in the computing device and corresponding to the digital content, 
such DRM system directs a computing device user to the license server to obtain a digital 
license to render such digital content in the manner sought. 
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1 1 . The architecture of claim 1 , wherein if the D#M system determines 
that the right to render the digital content in the manner sought do&s not exist based on any 
digital license stored in the computing device and corresponding to the digital content, 
such DRM system transparently obtains a digital license fropi the license server without 
any action necessary on the part of a computing device use 



12. The architecture of claim 1 , wherein the DRM system includes a 
license store for storing digital licenses. 

10 13. The architecture of claim A , wherein each digital license 

corresponding to the digital content is bound to such digital content. 



14. The architecture of claim 13, wherein each digital license 
corresponding to the digital contpn^ is bo^nd tj> such digital content by way of a public / 

1 5 private key technique. 

15. The archi tec lire of claim 1, wherein the license server issues a 



20 



digital license to a DRM syste 
by the license. 



only if the license server trusts such DRM system to abide 



1 6. The arctttetourfe of claim 1 5, wherein the content server distributes 
the digital content in an encr>pted fqrn^ and wherein the DRM system includes a trusted 
black box for performing decryption a^fl encryption functions for such DRM system. 



25 17. Thef architecture of claim 16, wherein the black box includes a 

unique public / private key pair for performing the decryption and encryption functions. 



1 8. The architecture of claim 1 7, wherein the license server issues each 
digital license in respdnse to a license request from the DRM system, the license request 
30 including the black b6x public key, the license server encrypting at least a portion of the 



MSFT-OdP -57- PATENT 

digital license according to the black box public key prior to issuance of y $uch license, 
thereby binding such license to such black box. 



19. The architecture of claim 18, wherein the content server distributes 
the digital content in an encrypted form, wherein each digital license corresponding to the 
digital content includes a decryption key that decrypts the encrypted digital content, and 
wherein the license server encrypts the decryption key in tjie license according to the black 
box public key. 
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20. The architecture of claim 19, ^herein each digital license 
corresponding to the digital content further includes a description of the rights conferred 
by the license, wherein the encrypted digital content cannot be decrypted and rendered 
without obtaining such license from the license yserver, and wherein the license server 
encrypts the rights description in the lice^s^acfcordin&to the decryption key. 



21. 

version number. 



The architecture/of cMm 16, wherein the black box includes a 



22. The architecture tff claim 21 wherein the license server issues each 
20 digital license in response to a licence Ifequest from the DRM system, the license request 
including the version number of the Mack box, the license server determining prior to 
issuance of the license whether the version number of the black box is acceptable, the 
license server upon determining that tkp version number of the black box is not acceptable 
refusing to issue the license until tMe black box is updated, the architecture further 
25 comprising a black box server for/providing an updated black box to the DRM system. 



23. The architecture of claim 16, wherein the black box includes a 
certifying authority signature as provided by an approved certifying authority. 



30 



24. The architecture of claim 23 wherein the license server issues each 



* 
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digital license in response to a license request from the DRM system, the license request 
including the certifying authority signature, the license server determining prior to 
issuance of the license whether the certifying authority signature is valid. 
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25. The architecture of claim 15, wherein each digital license 
corresponding to the digital content includes a description of thor rights conferred by the 
license, and wherein the DRM system includes a trusted license evaluator for evaluating 
the rights description and allowing rendering of the digital content by the rendering 
application only if such rendering is in accordance with tye rights description of the 
license. 



15 



26. The architecture of claim 1 ftfrther comprising an issued license 
database for maintaining information on digital licenses issued by the license server, 
wherein if the computing device loses a received license, a re-issue thereof may be 
provided based on the information in the issuea license database. 



20 



27. The architecture of claija^l further comprising an authoring tool for 
authoring the digital content dist^ibjit^d tyfihs content server in a form amenable to the 
architecture. 



28. The archi 
digital content according to a de^i 
and the encryption key in a 



ecture of claim 27 wherein the authoring tool encrypts the 
ion key and stores information on the digital content 
contdpt^ey database. 



25 29. The architecture of claim 28 wherein the license server accesses the 

information on the digital content and the encryption key in the content-key database prior 
to issuance of a license corresponding to the digital content, and includes the decryption 
key with such license as issi 
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30. A method for implementing digital rights management, wherein the 



3= 
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method enforces rights in protected digital content, the method comprising 

distributing the digital content from a content server to a computing 

device of a user; 

receiving the distributed digital content at the computing device; 
5 attempting to render the digital content by w^y of a rendering 

application; 

invoking, by the rendering application, a/Digital Rights 
Management (DRM) system upon such rendering applicatiopr attempting to render the 
digital content; 

10 determining, by the DRM systems/Whether a right to render the 

digital content in the manner sought exists based on any digital license stored in the 
computing device and corresponding to the digital c/ntent; and 
if the right does not>exist: 

requesting from a license server a digital license that 
15 provides such right and that correspdhds to alp is'separate from the digital content; 



issuini^by tlje^cense server, the digital license to the DRM 
receiion j, W/ the (computing device, the issued digital license 



system; 



corresponding to the digital conten 



fix m the license server; and 



storing 



31. The method oEc 



e received digital license on the computing device. 



aim 30, wherein the distributing step comprises 



distributing the digital content over/a network. 



25 32. The method of claim 3 1 , wherein the distributing step comprises 

distributing the digital content over the Internet. 

33. The method of claim 30, wherein the issuing step comprises issuing 
the digital license over a network. 
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34. The method of claim 33, wherein the issuing step^omprises issuing 
the digital license over the Internet. 



/ 



35. The method of claim 30, wherein the distributihg step comprises 
distributing the digital content on a portable medium selected fromythe group consisting of 
an optical storage medium and a magnetic storage medium. 



10 



15 



25 



36. The method of claim 30, wherein the distributing step comprises 
distributing the digital content in an encrypted form. 

37. The method of claim 36, further comprising including with each 
digital license corresponding to the digital content: 

a decryption key that decrypts ttfe encrypted digital content; and 
a description of the rights conferred by the license, wherein the 

encrypted digital content cannot be decrypted and rendered without obtaining such license 

from the license server. 



38. The method of cj 
comprises including with each digita 
20 signature that binds the license to the ejncfrypt 



of cla 
t^Mic 



/herein the including step further 
^rresponding to the digital content a digital 
digital content. 



39. The method of cfaihi p0> wherein the requesting a digital license 
step comprises directing, by the DRM system, a computing device user to the license 
server to obtain a digital license to render such digital content in the manner sought. 

40. The method of cl^lm 30, wherein the requesting a digital license 
step comprises transparently obtaining, py the DRM system, a digital license from the 
license server without any action necessary on the part of a computing device user. 
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41. The method otfclaim 30, wherein the storing step comprises storing, 
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by the DRM system, the received digital license in a license store of the DRM system. 



42. The method of claim 30, further comprising bindjfcg, by the license 
server, the digital license to the corresponding digital content. 

43. The method of claim 42, comprising bindfng, by the license server, 
the digital license to the corresponding digital content by way^of a public / private key 
technique. 
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44. The method of claim 30, whereiir the issuing step comprises issuing, 
by the license server, the digital license to the DRM system only if the license server trusts 
such DRM system to abide by the license. 



m 



gita 



45. The method of cl 
distributing, by the content server, the 
comprising employing a trusted black bjoxT; 
encryption functions for such DRM systa 



rein the distributing step comprises 
itent in an encrypted form, and further 
)RM system to perform decryption and 



46. The method of cldim 45, wherein the black box includes a public / 
private key pair, and wherein the requesting a digital license step comprises including in 
the request the black box public key; and furtner comprising encrypting, by the license 
server, at least a portion of the digital license according to the black box public key prior to 
issuance of such license, thereby yoinding such license to such black box. 
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47. The method of claim 46, wherein the distributing step comprises 
distributing the digital content in an encrypted form, and further comprising: 

including with each digital license corresponding to the digital 
content a decryption key that decrypts the encrypted digital content; and 

encrypting, by the license server, the deception key in the license 
according to the black box public key. 
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48. The method of claim 47, further comprising: 
including with each digital license/corresponding to the digital 

content a description of the rights conferred by the license, wherein the encrypted digital 
content cannot be decrypted and rendered without obtaining such license from the license 
server; and 

encrypting, by the license server, the rights description in the licence 
according to the decryption key. 

49. The method of claim 4f/, wrfkreln the black box includes a version 



number, and wherein the requesting a digital 



request the version number of the black box, urtheAcomprising 



icen \o4\esp comprises including in the 



determining, by the licfcnst 
whether the version number of the black box 

upon determining that tfte|\| 
acceptable, the license server refusing to issue ttye 
the architecture further comprising a black box 
to the DRM system. 



server, prior to issuance of the license 
eptable; and 

ersion number of the black box is not 
license until the black box is updated, 
er for providing an updated black box 



30 



50. The method of claim 45, wherein the black box includes a certifying 
authority signature as provided by an approved certifying authority, and wherein the 
requesting a digital license step comprises including the certifying authority signature, the 
license server determining prior to issuanc^ of the license whether the certifying authority 
signature is valid. 
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5 1 . The method of claim 44, wherein the issuing the digital license step 
comprises including with the digital license a description of theyrights conferred by the 
license, and further comprising: 

evaluating, by a trusted license evalua^6r of the DRM system, the 

rights description; and 

allowing rendering of the digital corftent by the rendering 
application only if such rendering is in accordance with tjie rights description of the 
license. 



15 



52. The method of claim 30 further comprising maintaining information 
on digital licenses issued by the license server in an issued license database, wherein if the 
computing device loses a received license, a r^-i^sye there^may be provided based on the 
information in the issued license database. 



20 



25 



53. The method of claim 30'ninher comprising authoring, by an 



authoring tool, the digital content distribu 
the architecture. 

54. The method of clai 
encrypting the digi 



y the\content server in a form amenable to 



53 



wherein the authoring step comprises: 



content according to a decryption key; and 



a content-key database. 



storing informatiqfo qntpe digital content and the encryption key in 



55. The method of/claim 54 wherein the issuing the digital license step 

comprises: 

accessing, byl the license server, the information on the digital 
content and the encryption key in tne content-key database prior to issuance of a license 
30 corresponding to the digital contort; and 
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including the decryption key with such license as issued. 

/ 

56. An enforcement architecture for digital rights management, wherein 
the architecture enforces rights in protected digital content, thearchitecture comprising: 

a content server communicatively coupled to a network for 
distributing the digital content over the network; 

a license server for issuing at least olie digital license corresponding 
to and separate from the digital content, the license servenbeing communicatively coupled 
to the network for issuing the at least one digital license over the network; and 

a computing device communicatively coupled to the network for 
receiving the distributed digital content and for receiving any digital license corresponding 
to the digital content, the computing device also having: 

a memory for stomng/any digital license corresponding to the 
digital content; / 

a rendering applic 



content; and 

a Digital Rights 
invoked by the rendering application upon $uch re! 
the digital content, the DRM system for det6rtmmr\g 
content in the manner sought exists based oruany di^ 
device and corresponding to the digital confc 



for attempting to render the digital 

ipment (DRM) system for being 

Lg application attempting to render 
whether a right to render the digital 
tal license stored in the computing 



57. The architecture of 0laim 56^Vherein the content server is 
communicatively coupled to the Internet ^nd distributes the digital content over the 
Internet. 



58. The architecture of claim 56, wherein the license server is 
communicatively coupled to the Mernet and issues the at least one digital license over the 
Internet. / 
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59. The architecture of claim 56, wherein the content server is also 
communicatively coupled to a portable medium writer and distributes the digital content 
on a portable medium written by the portable medium writer, the portable medium selected 
from the group consisting of an optical storage medium and a magnetic storage medium, 
and wherein the computing device includes a portable medium reader corresponding to the 
portable medium writer for receiving and reading the portable medium. 



10 



15 



60. The architecture of claim 56, wherein the content server distributes 
the digital content in an encrypted form. 

6 1 . The architecture of claim 6Qf 9 wherein each digital license 
corresponding to the digital content includes: 

a decryption key that decrypts the encrypted digital content; and 
a description of di^ghfe^nfeired by the license, wherein the 

encrypted digital content cannot be decrypte#and rendered without obtaining such license 

from the license server. 

62. The architectui e of/claim 6 1 , wherein each digital license 



20 



corresponding to the digital content 
license to the encrypted digital conte 



■ includes a digital signature that binds the 



25 



63. The architecture hf clkim 56, wherein if the DRM system 
determines that the right to render the digitall content in the manner sought does not exist 
based on any digital license stored in the computing device and corresponding to the 
digital content, such DRM systeny directs a computing device user to the license server to 
obtain a digital license to render shich digital content in the manner sought. 
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64. The architecture of claim 56, wherein if the DRM system 
determines that the right to render the digital content in the manner sought does not exist 
based on any digital license sftored in the computing device and corresponding to the 
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digital content, such DRM system transparently obtains a digital license from the license 
server without any action necessary on the part of a computing device user. 



65. The architecture of claim 56, wherein th^DRM system includes a 
5 license store for storing digital licenses. 

66. The architecture of claim 56, wherein each digital license 
corresponding to the digital content is bound to such digital content. 

1 0 67. The architecture of claim 66, wherein each digital license 

corresponding to the digital content is bound to suc/l digital content by way of a public / 
private key technique. 



m 
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68. The architecture of clain^f 56, wherein the license server issues a 
digital license to a DRM system only if meWense ^efver trusts such DRM system to abide 
by the license. 



69. The architecture 
the digital content in an encrypted form, 
black box for performing decryption 



yfclaim 68, wherein the content server distributes 
id whereip the DRM system includes a trusted 
lcryption functions for such DRM system. 



70. The architecture ofi claim 69, wherein the black box includes a 
unique public / private key pair for rferfonhihg the decryption and encryption functions. 



25 
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7 1 . The architecture of claim 70, wherein the license server issues each 
digital license in response to a lic/ense request from the DRM system, the license request 
including the black box public kfey, the license server encrypting at least a portion of the 
digital license according to thei>lack box public key prior to issuance of such license, 
thereby binding such license tp such black box. 
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72. The architecture of claim 7 1 , wherein the content server distributes 
the digital content in an encrypted form, wherein each digital lidense corresponding to the 
digital content includes a decryption key that decrypts the enotypted digital content, and 
wherein the license server encrypts the decryption key in ihp license according to the black 
box public key. 



10 



73. The architecture of claim 72, wKerein each digital license 
corresponding to the digital content further includes k description of the rights conferred 
by the license, wherein the encrypted digital contei/t cannot be decrypted and rendered 
without obtaining such license from the license server, and wherein the license server 
encrypts the rights description in the license according to the decryption key. 



15 



20 



74. 

version number. 



The architecture-of claifo 69, wherein the black box includes a 



75. The archite 
digital license in response to a licj 
including the version number of the bla< 



aim 74 wherein the license server issues each 
lefct from the DRM system, the license request 
boW, the license server determining prior to 



issuance of the license whether the version mimber of the black box is acceptable, the 
license server upon determining that the version number of the black box is not acceptable 
refusing to issue the license until the black box is updated, the architecture further 
comprising a black box server for providing an updated black box to the DRM system. 



76. The architecfure claim 69, wherein the black box includes a 
25 certifying authority signature as provided by an approved certifying authority. 
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77. The architecture of claim 76 wherein the license server issues each 
digital license in response to a license request from the DRM system, the license request 
including the certifying authority signature, the license server determining prior to 
issuance of the license whether the certifying authority signature is valid. 
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78. The architecture of claim 68, wherein ea<^h digital license 
corresponding to the digital content includes a description of the rights conferred by the 
license, and wherein the DRM system includes a trusted license evaluator for evaluating 

5 the rights description and allowing rendering of the digital content by the rendering 
application only if such rendering is in accordance withyflie rights description of the 
license. 

79. The architecture of claim 56yfiuther comprising an issued license 
10 database for maintaining information on digital licenses issued by the license server, 

wherein if the computing device loses a received license, a re-issue thereof may be 
provided based on the information in the issueg license database. 
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80. The architecture of clalim 56 further comprising an authoring tool 
for authoring the digital content chstributed/fey the content server in a form amenable to the 
architecture. 



81. The architejcturi 
digital content according to a deeiftpti 
and the encryption key in a conteqt-kei datal&se. 



f claim 80 wherein the authoring tool encrypts the 
key and stores information on the digital content 



25 



82. The architechife 6£ claim 81 wherein the license server accesses the 
information on the digital content aim the\encryption key in the content-key database prior 
to issuance of a license correspondipg\to tf^e digital content, and includes the decryption 
key with such license as issued. 
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83. An enforcement architecture for digital rights management, wherein 
the architecture enforces rights in protected digital content, the architecture comprising: 



an authorii 
amenable to the architecture; 



g tool for authoring the digital content in a form 



10 
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a content server for receiving the digital content from the authoring 
tool and distributing the digital content; and 

a license server for issuing at least one digital license corresponding 
to and separate from the digital content, wherein a computing aevice receives the 
distributed digital content and receives and stores any digital/license corresponding to the 
digital content, the computing device having a rendering application for rendering the 
digital content; and a Digital Rights Management (DRM)iystem for being invoked by the 
rendering application upon such rendering application attempting to render the digital 
content, the DRM system for determining whether a ridit to render the digital content in 
the manner sought exists based on any digital license ^stored in the computing device and 
corresponding to the digital content. 
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84. The architecture of claim 8£, wherein the content server is 
communicatively coupled to a network and $strjbutes the digital content over the network. 



85. The architecture of 
communicatively coupled to the Internet 
Internet. 

86. The architecture of c 
communicatively coupled to a network ancj 
network. 



air 



wherein the content server is 
ibutes the digital content over the 



air 



issi 



83, wherein the license server is 

ss the at least one digital license over the 



87. The architecture of claim 86, wherein the license server is 
25 communicatively coupled to the Internet/ and issues the at least one digital license over the 
Internet. 



88. The architecture of claim 83, wherein the content server is 
communicatively coupled to a portable medium writer and distributes the digital content 
30 on a portable medium written by the portable medium writer, the portable medium selected 
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from the group consisting of an optical storage medium and a magnetic storage medium. 

89. The architecture of claim 1, wherein the consent server distributes 
the digital content in an encrypted form. 



10 



90. The architecture of claim 89, wherein ^ach digital license 

corresponding to the digital content includes: 

a decryption key that decrypts the encrypted digital content; and 
a description of the rights conferred by the license, wherein the 

encrypted digital content cannot be decrypted and rencjered without obtaining such license 

from the license server. 



15 



91 . The architecture of claim 90, wherein each digital license 
corresponding to the digital content furth^ includes a digital signature that binds the 
license to the encrypted digital content. 



20 



92. The architects 
directed to the license server by the D 



83, wherein a computing device user is 



[rstem to obtain a digital license to render the 
digital content in the manner sought ifltheypRM-system determines that the right to render 
such digital content in the manner sought? does not exist based on any digital license stored 
in the computing device and corresponding ip the digital content. 



93. The architecture oKclaifri 83, wherein the DRM system 
transparently obtains a digital license! fromNhi license server without any action necessary 
25 on the part of a computing device user if the DRM system determines that the right to 
render the digital content in the manner sought does not exist based on any digital license 
stored in the computing device ana corresponding to the digital content. 



94. The architecture of claim 83, wherein each digital license 
30 corresponding to the digital content is bound to such digital content. 
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95. The architecture of claim 94, wherein each digital license 
corresponding to the digital content is bound to such digitalycontent by way of a public / 
private key technique. 

96. The architecture of claim 83, wherein the license server issues a 
digital license to a DRM system only if the license seper trusts such DRM system to abide 
by the license. 
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97. The architecture of claim 96, wherein the content server distributes 
the digital content in an encrypted form, wherein the DRM system includes a trusted black 
box for performing decryption and encryption functions for such DRM system, wherein 
the black box includes a unique public / private key pair for performing the decryption and 
encryption functions, and wherein the licen^/server issues each digital license in response 
to a license request from the DRM system,/ t)iq license request including the black box 
public key, the license server encrypting ailea^t a^p6rtion of the digital license according 
to the black box public key prior to issuaiwj^f s^ich license, thereby binding such license 
to such black box. 

98. The architecture off cliim 97, wherein the content server distributes 
the digital content in an encrypted form J wherein each digital license corresponding to the 



digital content includes a decryption keylthi 



t decrypts the encrypted digital content, and 



30 



wherein the license server encrypts the /decryption key in the license according to the black 
box public key. 

99. The architectui/e of claim 98, wherein each digital license 
corresponding to the digital content farther includes a description of the rights conferred 
by the license, wherein the encrypted digital content cannot be decrypted and rendered 
without obtaining such license from the license server, and wherein the license server 
encrypts the rights description in the license according to the decryption key. 



» 
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100. The architecture of claim 97, wherein the black box includes a 
version number, and wherein the license server issues each digital license in response to a 
license request from the DRM system, the license request including the version number of 
the black box, the license server determining prior to issuance of the license whether the 
version number of the black box is acceptable, the licenseyserver upon determining that the 
version number of the black box is not acceptable refusing to issue the license until the 
black box is updated, the architecture further comprising a black box server for providing 
an updated black box to the DRM system. 

101. The architecture of claim 97 J wherein the black box includes a 
certifying authority signature as provided by an approved certifying authority, and wherein 
the license server issues each digital license in response to a license request from the DRM 
system, the license request including the certifying authority signature, the license server 



determining prior to issuance of the li 
valid. 



ise whether the certifying authority signature is 



1 02. The architecturlp^Sf ofoim 96, wherein each digital license 
corresponding to the digital content inblutfes^ description of the rights conferred by the 
license, and wherein the DRM system includes a trusted license evaluator for evaluating 



the rights description and allowing rendij 
application only if such rendering is in zjcl 
license. 



g of the digital content by the rendering 
rdance with the rights description of the 



25 103. The architecture of claim 83 further comprising an issued license 

database for maintaining information on digital licenses issued by the license server, 
wherein if the computing device loses a received license, a re-issue thereof may be 
provided based on the information in the issued license database. 



30 



104. The architecture of claim 83 wherein the authoring tool encrypts the 
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digital content according to a decryption key and stores infp 
and the encryption key in a content-key database. 



1 05 . The architecture of cl^ 
the information on the digital content and i 
prior to issuance of a license correspond 
decryption key with such license as , 
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lion on the digital content 



erein the license server accesses 
ryption key in the content-key database 
digital content, and includes the 
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